Apple’s App Store Malware Attack Affected 4,000 Apps
The recent malware attack on Apple’s App Store may have infected up to 4,000 apps, security researchers have revealed.
The attack was discovered earlier this week, after various security firms detected an infected version of its developer tools, which caused several Chinese apps to leak the personal information of its users.
Apple reported that the hackers were able to embed the malicious code, identified as “XcodeGhost” into the tainted apps by convincing developers that it was the correct version of Apple’s software Xcode.
The software then remained undetected during Apple’s app review process.
The founder of mobile dating app Cuddli, who also worked for Microsoft in China, said: “These reviews are legendary for how particular Apple is.
“Supposedly, a security review is part of that. But they missed this repeatedly over dozens of different applications. A huge mistake on their part.”
Initial research by one Chinese security firm predicted that a total of 344 apps were carrying the tainted XcodeGhost, however US security firm Palo Alto Networks now believes the total number of infected apps was considerably larger than the first count.
Security company FireEye has said the figure could now stand as high as 4,000.
Prior to this serious attack, the technology company had only detected a surprisingly low total of five malicious apps on its App Store.
While intelligence specialists have said this particular tainted code had limited functionality, developers are fast becoming big targets for attacks of this nature.
Now that Apple’s software outlet has been penetrated by hackers, concerns are now growing about the potential of a more serious breach in the future.
Apple has since released advice so developers can check their versions of its Xcode software.